There is a lot of activity in the security community as the world adjusts to a greater need for attention to privacy and security in electronic matters. We will use this section of our site to post commentary and articles related to our efforts aimed at stopping advanced network threats.

​CEOCFO MagazineInterviewwith Founder John PoffenbargerOur founder, John Poffenbarger, sat down with Lynn Fosse, Senior Editor of CEOCFO Magazine, to talk DefiniSec. "We build data protections customers can depend on. We empower our partners and users to make certain and measurable claims. We bring certainty to an uncertain dynamic."

​Introducing SSProtect :RespondWe have a number of articles coming your way in the 2nd half of 2017, and we will be releasing our first Whitepaper in the same period. Version v5.3.0 of SSProtect, our data protection suite, is currently available, and it includes the first production release of SSProtect :Respond, an Incident Response capability that brings product components together to provide Automated Remediation, Data Exposure Risk Analysis, and Third Party Data Exposure Reporting all designed to drastically reduce the impact of data security incidents through reduced uncertainty and fast response times.

​In Part 1, we discussed Ransomware/ Malware campaigns that can and will steal data that today is only encrypted and held for ransom, significantly raising the stakes for ransom payments. In this follow-up, we use specifics from the #Petya/ #NotPetya (#SortaPetya) attack to describe the necessary mechanisms that stop such a threat. We will close with summary recommendations with the goal of motivating change in existing security architectures.

In the past few days and past couple months, we've experienced two significant Ransomware campaigns that stand out from the rest. In this two-part article, we start with a review of today's accepted protection methods, then follow with a current example that shows what's to come. We close with an introduction to practical solutions that address this emerging threat, then follow with more details in Part 2, available shortly.​

File and Email Encryption software never lived up to expectations. Software is too difficult to use. Effectiveness often falls short, and known exceptions are reserved for the technically astute. But with emerging technologies and community adoption, the opportunity to address shortcomings has become significant. Join us for a closer view of Next Generation File and Email Encryption to see just how remarkable these opportunities are proving to be.

File encryption software has traditionally been cumbersome to use, and has seldom been useful against the host threat. For an attacker, all he or she needs to do is wait around someone to Login and unlock their archive before making off with all the, "protected" data and decryption keys. SSProtect changes this, using a non-intrusive form of data encryption that not only retains native application workflows, but stops localhost attackers in their tracks.

Ransomware has had its' way with nearly half of all major companies. Billion of dollars have been lost, and to-date, SSProtect has proven to be reliable for mitigating the impact of a direct hit from what some are calling an electronic epidemic. Join us to see how SSProtect provides your Last Line of Defense, and stay tuned to see what the New Year holds. We can say one thing: You haven't seen nothin' yet!

Join us for the first in a set of articles aimed at helping you better understand SSProtect, our distributed software solution that protects your data from today's most advanced threats without making you change the way you work. This article introduces you to our :Confidential component and explains how we minimize impact to your daily use of sensitive information.

There are a number of common tools used throughout the IT community, and some of these open up security problems that are often seen as irrelevant. Join us to take a look at a couple examples and the realities behind the problems they can create. Stick around to see what DefiniSec is doing to help address the problem without adding to the IT workload.

Hacking Team is an Italian company that sells intrusion and surveillance technologies. In July 2015, their network was breached, and events detailed on pastebinfor the world to see. This provides us with a rare front row seat to observe a data breach in detail. After reading this article, those unfamiliar with these dynamics will have a new appreciation for today's Cybersecurity threats and a greater understanding of security practitioners and their needs. Reduce threats to your own organization by following with, What You Should Know Part II - Addressing Vectors From The Hacking Team Breach.

After nearly 2 years of work, our team is pleased to announce General Availability of SSProtect. Comprised of what would normally be considered 3 or 4 independent products and designed to make data protections easy to use, we are highly effective in stopping some of today's most advanced threats.

Ransomware has quickly become one of the more damaging threats in recent years. Though common wisdom reverts back to recommendations from over a decade ago, we introduce new capabilities that not only bring and end to data sabotage, but also public disclosure. Read more here.

January 29th, 2016 -Introducing Honeypot ControlsHoneypots are resources designed to help manage networks by redirecting attention or providing information gathering opportunities not available with production resources. SSProtect now affords users the ability to create Honeypot files. Join us here to learn why this method of detection is effective.

November 28th, 2015 - Our Approach Addressing Advanced AttacksAhead of our Cyber Monday plans, we thought it made sense to step back and talk about our protections against Advanced Attacks on corporate data. In this discussion, we use the term Advanced Attack to refer to dynamics not well managed by today's security solutions. As you will see, a solid foundation quickly yields additional advantages which forms the basis of SSProtect, our hybrid software/service product suite designed to stop nation-state and organized electronic crime gangs from acquiring access to sensitive data found in unstructured corporate application data content.

We’re pleased to note that this quarter we have moved up to position 237 in the Cybersecurity 500.* It’s an honor to be recognized with so many other prestigious security companies, and a testament to our team’s hard work focused specifically on stopping advanced nation-state threats from acquiring corporate Intellectual Property in unstructured data content. Join us here for a look at our progress and plans as we start to approach the New Year.*In April 2016 we were moved to position 222.

Today MESA International announced its Cybersecurity Working Group focused on guidance as it relates to manufacturing. Our founder, John Poffenbarger, will serve as Co-Chairman of group activities. In the announcement, he noted, "Though there is in general a rising awareness, there too exists an escalation in the threat landscape. Our challenge is to consolidate these dynamics into a focused set of principles that offer measurable value the community has come to expect from MESA International." You can see the full press release here.

Data protection requires a comprehensive solution to manage today's advanced threats. This includes access control, data encryption, collaboration, and storage. This has typically required you to shop for the best solution in each category, then spend the time and money to integrate while managing the impact to operations. This is time-consuming, expensive, and hasn't worked out well. But now, with the introduction of SSProtect, you get all of these capabilities in a single, easy-to-use solution that won't cost much more than it does to keep your car washed throughout the year. Join us for a quick tour.

July 28th, 2015 - Effective Management of APTs Using Data Exposure Mitigation and Management​Nation-state entities and organized crime gangs, so-called APTs, are having their way with sensitive corporate data. Traditional tools like Anti-Virus software aren't sufficient to protect unstructured application data. Join us in our introduction of Data Exposure Mitigation and Management, the latest approach in anti-APT data protection. In this offering we describe how SSProtect achieves effective results against APT intrusions.

Every day we see new companies emerge touting new, secure ways to solve your data management needs. On investigation, we find teams with no experience securing corporate assets or building secure solutions. In this column, we review basic requirements any team must adhere to in order to achieve effective results. With this information you will be equipped to understand today's challenges and choose a vendor aligned with your needs.

A number of popular Internet email service providers have announced end-to-end email encryption by year's end. Encryption without access control is not security. DefiniSec combines the best of both worlds by combining Microsoft Outlook together with SSProtect, empowering you to provide a framework for secure email collaboration without concerns of human error. Read more about how SSProtect provides Universal Email Protection, Today...

Today Synaptics announced SmartBar, along with traction for mouse integration of their Natural ID biometric solution. See how this affects effective two-factor authentication and our plans for incorporating these technologies into our product suite.

In this offering, we discuss simple aspects of the APT dynamic and some of the confusing aspects of end-to-end data security. We talk about so-called, "Bank Level" or "Military Grade Encryption", what it means, why it does/ does not matter, and what you can do to insure you have real protection.

It's been almost a month since we've provided an update and our founder, John Poffenbarger, takes a few minutes to ask a question, answer it with another, then explain why we don't post more often. You can view his message in all its' irony here.

Over 35,000 people and 500 companies convened at Moscone Center south of Market in San Francisco last week, and we were there with others talking to customers, meeting with partners, and looking at the latest innovations. Though not unique, we share some of our perspective here.

As the Washington Post reports, National Security Agency Director Adm. Michael Rogers said in a recent speech at Princeton University, "I don’t want a back door, I want a front door. And I want the front door to have multiple locks. Big locks.” Go here to see why this is the right idea. wrong application.

April 6th, 2015 - DefiniSec Named to the CyberSecurity 500 for Intellectual Property Protection

We are humbled to learn that in May, we were listed in the CyberSecurity 500, a global list that is, "...a nod to the hottest and most innovative companies" according to Cybersecurity Ventures founder and CEO Steve Morgan. We are proud to note that we were the only company listed for Intellectual Property Protection, and looking forward to our upcoming evaluation releases in support of this important mission.

DefiniSec today joined the Guidance Software, Inc. Partner Program to more tightly integrate technologies and meet the direct needs of mutual customers responsible for Forensic Investigations. We will have more details in 2Q15. For immediate interests, email info@definisec.com.